Compliance Verification
Compliance Verification Function
As part of the Group's comprehensive internal control and governance system, GCO has a compliance verification function, which is a key part of its second line of defence. This function is responsible for advising the governing bodies of GCO companies on compliance with the legal, regulatory and administrative provisions that affect them, as well as compliance with internal regulations, the assessment of the possible repercussions of any changes in the law, and determining and assessing compliance risk.
Compliance Verification Committee
In accordance with the principles set out in our Code of Ethics, GCO is firmly committed to faithful compliance with the regulations applicable to our activity. To ensure they are implemented we have a Compliance Verification Committee, which coordinates, supervises and establishes common criteria for all our entities with regard to the application of regulations affecting them. This ensures the maximum possible security in the management of compliance risk in the activities carried out by the organisation, in accordance with the best international standards on compliance and the guidelines of national and European control authorities.
Prevention of money laundering and the financing of terrorism
In order to promote transparency and contribute to maintaining the trust of our stakeholders, we have a corporate governance framework for the prevention of money laundering and the financing of terrorism, which all our companies must apply to their operations, their business and their business relations.
This framework enables our stakeholders to deal with us without the fear that misuse of the financial system or other areas of economic activity may pose a risk of money laundering or the financing of terrorism. We have also appointed a representative to oversee compliance with regulations for the prevention of money laundering and the financing of terrorism and deal with the Executive Service of the Commission for the Prevention of Money Laundering and Monetary Offences (SEPBLAC).
Personal data protection and information security
As an integral part of this function, in order to promote transparency and contribute to maintaining the trust of our stakeholders, we have set up a corporate governance framework for personal data protection and information security. Its purpose is to guarantee the confidentiality and privacy of personal data and information and to preserve a secure environment for managing the processing systems and services that support them.
Both the Group's Data Protection Officer and the Compliance Verification Director hold Data Protection Officer certification issued by the Spanish Data Protection Agency (AEPD), guaranteeing that they are professionally qualified and have the necessary knowledge to perform these roles.